The main Avast antivirus service contained a custom JavaScript interpreter, enabling wormable pre-auth RCEs. Avast has now disabled the emulator in response to a vulnerability report security Link 13 votes